package com.blb.springsecurity.controller;

import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;

@Controller
public class HelloController {
    //外层页面
    @RequestMapping("/{page}.html")
    public String page(@PathVariable String page , Model model){
        if ("hello".equals(page)){
            //从Security中获得用户信息和权限
            Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
            //用户信息
            Object principal = authentication.getPrincipal();
            if(principal instanceof User){
                User user = (User) principal;
                model.addAttribute("username",user.getUsername());
                model.addAttribute("authorities",user.getAuthorities());
            }else {
                model.addAttribute("username",principal);
            }

        }
        return page;
    }
    //内层
    @RequestMapping("/{path}/{page}.html")
    public String page2(@PathVariable String path,@PathVariable String page){
        return path + "/" + page;
    }
}
